Cybersecurity Roadmap PDF
Document Details
Uploaded by EffortlessSodalite
Tags
Summary
This document is a roadmap for learning cybersecurity. It details various aspects and resources. It includes CTFs, certifications, and fundamental IT skills.
Full Transcript
CTFs (Capture the Flag) Find the detailed version of this roadmap...
CTFs (Capture the Flag) Find the detailed version of this roadmap along with resources and other roadmaps HackTheBox Cyber Security https://roadmap.sh TryHackMe VulnHub picoCTF Fundamental IT Skills SANS Holiday Hack Challenge Computer Hardware Components Connection Types and their function NFC WiFi Bluetooth Infrared Certifications Beginner Certifications OS-Independent Troubleshooting CompTIA A+ CompTIA Linux+ Understand Basics of Popular Suites iCloud Google Suite Microsoft O!ce Suite CompTIA Network+ CCNA Basics of Computer Networking CompTIA Security+ Windows Linux MacOS Advanced Certifications Operating Systems CISSP CISA CISM Basics of Subnetting GSEC GPEN GWAPT Public vs Private IP Addresses Learn following for Each GIAC OSCP CREST IP Terminology Installation and Configuration CEH localhost loopback CIDR Di"erent Versions and Di"erences subnet mask default gateway Navigating using GUI and CLI Understand the Terminology Understand Permissions VMWare VirtualBox esxi proxmox VLAN DMZ ARP VM Installing Software and Applications Common Virtualization Technologies NAT IP DNS DHCP Performing CRUD on Files Hypervisor VM GuestOS HostOS Router Switch VPN Troubleshooting Understand basics of Virtualization Common Commands MAN LAN WAN WLAN Troubleshooting Tools Understand these nslookup iptables Packet Sni"ers DHCP DNS NTP IPAM Understand the OSI model ipconfig netstat Port Scanners Function of Each ping dig arp Protocol Analyzers Network Topologies Networking Knowledge nmap route tcpdump tracert Star Ring Mesh Bus Common Protocols and their Uses Authentication Methodologies Understand Common Protocols Common Ports and their Uses Kerberos LDAP SSO SSH RDP FTP SFTP SSL and TLS Basics Certificates Local Auth RADIUS HTTP / HTTPS SSL / TLS Basics of NAS and SAN Understand Common Hacking Tools Core Concepts of Zero Trust Understand Common Exploit Frameworks Blue Team vs Red Team vs Purple Team Roles of Compliance and Auditors Understand Concept of Defense in Depth False Negative / False Positive Understand the Definition of Risk True Negative / True Positive Understand Concept of Runbooks Understand Backups and Resiliency Basics of Threat Intel, OSINT Understand Basics of Forensics Basics and Concepts of Threat Hunting Cyber Kill Chain MFA and 2FA Understand Handshakes Basics of Vulnerability Management Operating System Hardening Understand CIA Triad Basics of Reverse Engineering Understand the Concept of Isolation Privilege escalation / User based Attacks Penetration Testing Rules of Engagement Basics of IDS and IPS Honeypots Web Based Attacks and OWASP 10 Perimiter vs DMZ vs Segmentation Authentication vs Authorization Learn how Malware Operates and Types Security Skills and Knowledge Tools for Incident Response and Discovery Basics of Cryptography Attack Types and Di"erences nmap tracert nslookup dig curl Salting Hashing Key Exchange Phishing vs Vishing vs Whaling vs Smishing ipconfig hping ping arp cat dd PKI Pvt Key vs Pub Key Obfuscation Spam vs Spim Shoulder Surfing head tail grep wireshark winhex Dumpster Diving Tailgating Zero Day Understand Secure vs Unsecure Protocols memdump FTK Imager autopsy Social Engineering Reconnaissance FTP vs SFTP SSL vs TLS IPSEC Understand Frameworks DNSSEC LDAPS SRTP S/MIME Impersonation Watering Hole Attack ATT&CK Kill chain Diamond Model Drive by Attack Typo Squatting Understand the following Terms Brute Force vs Password Spray Understand Common Standards Antivirus Antimalware EDR DLP ISO NIST RMF CIS CSF Firewall and Nextgen Firewall HIPS Common Network Based Attacks Understand Common Distros for Hacking NIDS NIPS Host Based Firewall DoS vs DDoS MITM ARP Poisoning SIEM SOAR ParrotOS Kali Linux Sandboxing ACL EAP vs PEAP Evil Twin DNS Poisoning Spoofing WPA vs WPA2 vs WPA3 vs WEP WPS Deauth Attack VLAN Hopping Using tools for unintended purposes LOLBAS Rogue Access Point War-driving/dialing Understand the Incident Response Process Preparation Identification Learn how to find and use these logs Bu"er Overflow Memory Leak XSS Event Logs syslogs netflow Containment Eradication SQL Injection CSRF Replay Attack Packet Captures Firewall Logs Recovery Lessons Learned Pass the Hash Directory Traversal Understand Hardening Concepts Understand Threat Classification Understand Audience MAC-based NAC-based Port Blocking Zero Day Known vs Unknown APT Stakeholders HR Legal Compliance Group Policy ACLs Sinkholes Patching Management Understand Common Tools Jump Server Endpoint Security VirusTotal Joe Sandbox any.run urlvoid urlscan WHOIS Cloud skills and Knowledge Understand concepts of security in the cloud Understand Cloud Services Common Cloud Environments SaaS PaaS IaaS AWS GCP Azure Understand the basics and general flow of deploying in the cloud Understand the di"erences between cloud and on-premises Cloud Models Common Cloud Storage Understand the concept of infrastructure as code Private Public Hybrid S3 Dropbox Box Understand the concept of Serverless OneDrive Google Drive Understand the concept of CDN iCloud Programming Skills and Knowledge (Optional But Recommended) Python Go JavaScript C++ Keep Learning Bash Power Shell